Attacks on sites had been a common occurence ever since the boom of the Internet market, and it is only usual for people to get into the business themselves either legally or ilegally. Since the occurence of these attacks anti-virus companies had been built, adding yet another business into the market. But the level of attacks had been vastly improving, and one example is what happened on Google, one of the world’s leading search engine. On January 12, 2010, Google announced on its blog that it had been attacked. It was said to have occured from mid last year and finished last December.
Google stated that over 20 other companies including Adobe and Microsoft, had also been victims. On that same day, US Secretary Hilary Clinton publicly asked for an explanation from the Chinese government. Google became aware of the attack themselves, through their inside sources. According to Newsweek, at the time, they contacted Rafal Rohozinski, CEO of The SecDev Group (a global security and research firm) because the attack was very similar to GhostNet (a large scale cyber spying event last March 2009) and they wanted to know what they could share that might be helpful to their in-house investigation.
The attack seems to be emanating from the jurisdiction of China. Google said that the hackers were interested in accessing the Gmail accounts of Chinese human rights activists. According to the Financial Times, a person named Ai Weiwei had his two accounts hacked, their contents read and copied. On the others, however, they were only able to view limited details such as the subject line and the creation date of the account. It was said that the attack started when an employee in China click on an infected linked, which was sent through an instant message.
The attacker was able to access the person’s computer, and eventually Google’s headquarters in California. It also accessed Google’s Moma, an intenal directory that stores information on each of the employees work task. Carlos Carillo, principal consultant of Mandiant (security incident response and forensics firm) was also called in by Google. He said that it was “definitely one of the most sophisticated attacks I’ve seen in the last few years… This wasn’t something that a 16-year-old came up in his spare time.
” He said that they’ve seen similar attacks like this on the government, but never on the commercial space. The level of the attack had certainly been done by a group of experts. Last January 14, 2010, McAfee reported that the attackers had exploited zero-day vulnerabilities and called the attack “Operation Aurora”. They exploited a hole in Microsoft’s Internet Explorer even if their DEP (Data Execution Prevention) was turned on. The vulnerability affects Internet Explorer versions 6, 7, and 8 on Windows 7, Vista, Windows XP, Server 2003, Server 2008 R2, as well as IE 6 Service Pack 1 on Windows 2000 Service Pack 4.
It would be very hard to exploit the flaw on Windows Vista or Windows 7, however, because of its advanced memory protection technology. Zero-day vulnerabilities are those flaws that are unknown to the developer. When the attacker discovers the vulnerability before the developer does, it can prove to be very dangerous. The attacker can either use the vulnerability to copy the information and make a similar program and then sell it to the market, or he can use the vulnerability to directly destroy the program of the developer.
As with Google, analysts said that “China is likely using its maturing computer network exploitation capability to support intelligence collection against the U. S. government and industry by conducting a long term, sophisticated computer network exploitation campaign. ” At least 10 to 20 terabytes of data had been taken from Google and other companies. Days after the attack, the exploit had been opened to the public, which are now dangerous to the internet community. Paul Ducklin, Head of Technology (Asia Pacific) from Sophos Lab(developer and vendor of security software and hardware), explained how the exploit on Google was done.
He went to a test server wherein he edited the shellcode, that contains debug breakpoints and he added some human readable text “WARHEAD” so that if the computer crashed he can visually confirm that it was into the computer’s shellcode. He tried it in IE 6, wherein he put it in the debug controller and only attaching debug to it (the reason for doing so is of course because of the debug breakpoints, so if the exploit actually works, he can track back into the debugger). Then he clicked on Internet Explorer and visited the malicious site.
The exploit actually relies on fetching image files. It worked when he tried to see the address on the debugger, “WARHEAD” came out. Usually, a good anti-virus program can protect internet users from these kind of exploits. In order to fix the IE flaw, Microsoft stepped out of its normal monthly patch cycle to release a patch. The users of IE are now required to run Windows update and click on MS10-002 update to fix it. Meanwhile, Google announced that it would stop censoring its search results in China.
David Drimmond, Senior Vice President, Corporate Development and Chief Legal Officer of Google said “Users visiting Google. cn are now being redirected to Google. com. hk, where we are offering uncensored search in simplified Chinese, specifically designed for users in mainland China and delivered via our servers in Hong Kong. ” Censorship in China had been a rule to maintain the country’s communism. Censhorship prevents unapproved reformist, separatist, “counter-revolutionary” ideas from organizing themselves and spreading.
It also prevents Chinese citizens from discovering or learning more about past and current failures of the Communist Party that could create or inflame anti-government sentiment. They had also intended on blocking foreign government websites to prevent the people from learning alternative systems of governance . What Google did was a risky step because China may stop doing business with Google altogether. And China, is one of the most sought-after market in the world today.
Analysts expects China’s search market to reach 10 billion yuan ($1.46 billion) this year. However, in 5 to 10 years, what Google did may prove to be advantageous for them. Ben Sargent, an analyst with Common Sense Advisory, a market research company said that “As a culture, China is much more long-term thinking than most other cultures. No other government takes such long-term views as the Chinese government,” Sargent said. “So Google is trying to out-Chinese the Chinese in terms of making a really long-term play for young people’s hearts and minds in China. ”
Google had always been concerned on its position in China, but the country is too big of a market to ignore. As what Rohozinski have said, “Engagement is better than exclusion. ” You can do a lot more for the people if you work from the inside than just standing around and watching. Google went in with their eyes wide open. Sergey Brin(founder of Google), who had been from the Soviet Union understood China on its political views. The cyber spying just gave them the opportunity to make their stand and make the world praise them for it.
Why Work with Us
Top Quality and Well-Researched Papers
We always make sure that writers follow all your instructions precisely. You can choose your academic level: high school, college/university or professional, and we will assign a writer who has a respective degree.
Professional and Experienced Academic Writers
We have a team of professional writers with experience in academic and business writing. Many are native speakers and able to perform any task for which you need help.
Free Unlimited Revisions
If you think we missed something, send your order for a free revision. You have 10 days to submit the order for review after you have received the final document. You can do this yourself after logging into your personal account or by contacting our support.
Prompt Delivery and 100% Money-Back-Guarantee
All papers are always delivered on time. In case we need more time to master your paper, we may contact you regarding the deadline extension. In case you cannot provide us with more time, a 100% refund is guaranteed.
Original & Confidential
We use several writing tools checks to ensure that all documents you receive are free from plagiarism. Our editors carefully review all quotations in the text. We also promise maximum confidentiality in all of our services.
24/7 Customer Support
Our support agents are available 24 hours a day 7 days a week and committed to providing you with the best customer experience. Get in touch whenever you need any assistance.
Try it now!
How it works?
Follow these simple steps to get your paper done
Place your order
Fill in the order form and provide all details of your assignment.
Proceed with the payment
Choose the payment system that suits you most.
Receive the final file
Once your paper is ready, we will email it to you.
No need to work on your paper at night. Sleep tight, we will cover your back. We offer all kinds of writing services.
No matter what kind of academic paper you need and how urgent you need it, you are welcome to choose your academic level and the type of your paper at an affordable price. We take care of all your paper needs and give a 24/7 customer care support system.
Admission Essays & Business Writing Help
An admission essay is an essay or other written statement by a candidate, often a potential student enrolling in a college, university, or graduate school. You can be rest assurred that through our service we will write the best admission essay for you.
Our academic writers and editors make the necessary changes to your paper so that it is polished. We also format your document by correctly quoting the sources and creating reference lists in the formats APA, Harvard, MLA, Chicago / Turabian.
If you think your paper could be improved, you can request a review. In this case, your paper will be checked by the writer or assigned to an editor. You can use this option as many times as you see fit. This is free because we want you to be completely satisfied with the service offered.